OpenZeppelin offers templates for smart contracts. Using their templates is not only a good way to avoid common pitfall (such as overflows) when implementing common mechanisms (such as burning and minting tokens), but also it greatly simplifies audits.

Unfortunately I am a bit limited here by my weak knowledge of Smart Contract development. It seems to me that all make sense for CO:

Standard Tokens because even if we might end up implementing Security Tokens, it looks like all ST implementations are derived from ERC-20 tokens. So using Standard Tokens as a basis for a CO tokens makes sense.

Ownable Token looks required to set the address of the Project Leader. It might probably be more complicated than that to implement in the end because most of the decisions cannot be taken unilaterally by the project leader but I think it’s a good start.